Network Setup: Opinions Wanted [message #41344]
Tue, 04 January 2011 13:41
seanfulton
Messages: 105 Registered: May 2007
Senior Member
I'm considering changing our network setup and would be very interested in experiences from other members of the OpenVZ community.
Currently all of our VEs are on HNs with two NICs. Each NIC is connected to a separate IP LAN. We run Quagga and RIP on each HN to provide routing between the world and the VEs and between VEs.
In the current setup, public traffic travels over LAN A to the VEs. Nightly backups done by the HN travel over LAN B. The original intent was to have VE to VE traffic (data mirroring) also travel over LAN B, but we have never been able to configure Quagga properly so that VE to VE traffic is preferred over B without making a static route (we need fail-over for redundancy). As a result, VE to VE traffic uses whichever LAN it wants.
This seems to be a problem with RIP and Quagga seeing the VEs as PPP connections. I have not given up on this config, just never been able to get it working the way I'd like. I've also looked at OSPF for this purpose, but am not convinced I won't have the same problem there.
In any event, I read an article in one of the Linux mags this month about bonding, and using load-balanced bonding with two separate switches to provide a redundant backbone. I'm thinking now that perhaps it would make sense to create a bonded LAN A using two switches and connecting both NICs on each HN to LAN A. In this way, we would still have full redundancy against hardware failure, yet without having to deal with routing within the LAN. The servers would manage load balancing between the two NICs on the bond, and since both are Gigabit Ethernet, we shouldn't have to worry about bottlenecks. We would still use Quagga and RIP to direct traffic to the VEs, but would let the network figure out which physical wire to send it over.
I wanted to throw this out to see what others are doing and what your thoughts might be on either setup. I know that there is a HOWTO on using OSPF to announce VE migration, but I haven't anything on how to manage VE to VE traffic or force it to traverse a specific LAN.
Thoughts and ideas would be greatly appreciated.
sean